Re: [csswg-drafts] [css-values-4] Use "include" when fetching cross-origin CSS resources (#12074) from Noam Rosenthal via GitHub on 2025-04-15 (public-css-archive@w3.org from April 2025)

From: Noam Rosenthal via GitHub <sysbot+gh@w3.org>
Date: Tue, 15 Apr 2025 08:23:00 +0000
To: public-css-archive@w3.org
Message-ID: <issue_comment.created-2804234680-1744705377-sysbot+gh@w3.org>

> If you make this change, you'll also need to update CSS Values 5 to specify what do for `crossorigin(anonymous)` as it currently just uses the default (https://drafts.csswg.org/css-values-5/#typedef-request-url-modifier-crossorigin-modifier).

You're right! Not just that, but existing callers that use `|corsMode| = "cors"` would receive the wrong credentials mode.
Amended so that:
- The URL modifiers in css-values-5 explicitly set `same-origin` when anonymous
- The default for cors-mode is anonymous, and only the no-cors default changes to use-credentials.

-- 
GitHub Notification of comment by noamr
Please view or discuss this issue at https://github.com/w3c/csswg-drafts/pull/12074#issuecomment-2804234680 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Tuesday, 15 April 2025 08:23:05 UTC